TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:8149] ssh and NAT - solved



Quoting Unni Nambiar (unambiar@Legato.COM):
> Here's an update on the ssh and NAT issue for those interested.  Its working
> now.
> 
> To recap, the problem was that after switching to DSL using Cisco 675 with
> NAT enabled, i could not run more than one ssh session from home to my
> office at any time.  The second ssh would hang in SYN_SENT and

I also believe you can set UsePrivilegedPort to no in the /etc/ssh/ssh_conf to
get the same effect.

The downside to this is, that at Real Time for instance, our firewall looks
for ssh coming from port 22, if it isn't, we reject the connection. I know
other places do the same thing.
-- 
Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
http://www.real-time.com                | Fax   : (612)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9